X-Git-Url: https://git.sur5r.net/?a=blobdiff_plain;f=servers%2Fslapd%2Fslap.h;h=358ac633408191b672fe384e91748b9500ca8097;hb=2f9b89b4afc2f8fc68ab3f2d1122c92ec53db926;hp=a8efb056e8807d0b20785add3b20c8b4ea6e8309;hpb=bdad40c696b78d3ef75c3191bbc219a90ef2a84a;p=openldap diff --git a/servers/slapd/slap.h b/servers/slapd/slap.h index a8efb056e8..358ac63340 100644 --- a/servers/slapd/slap.h +++ b/servers/slapd/slap.h @@ -218,25 +218,26 @@ typedef struct slap_ssf_set { /* * represents schema information for a database */ -#define SLAP_SCHERR_OUTOFMEM 1 -#define SLAP_SCHERR_CLASS_NOT_FOUND 2 -#define SLAP_SCHERR_CLASS_BAD_USAGE 3 -#define SLAP_SCHERR_CLASS_OPERATIONAL 4 -#define SLAP_SCHERR_ATTR_NOT_FOUND 5 -#define SLAP_SCHERR_ATTR_BAD_USAGE 6 -#define SLAP_SCHERR_DUP_CLASS 7 -#define SLAP_SCHERR_DUP_ATTR 8 -#define SLAP_SCHERR_DUP_SYNTAX 9 -#define SLAP_SCHERR_DUP_RULE 10 -#define SLAP_SCHERR_NO_NAME 11 -#define SLAP_SCHERR_ATTR_INCOMPLETE 12 -#define SLAP_SCHERR_MR_NOT_FOUND 13 -#define SLAP_SCHERR_SYN_NOT_FOUND 14 -#define SLAP_SCHERR_MR_INCOMPLETE 15 -#define SLAP_SCHERR_NOT_SUPPORTED 16 -#define SLAP_SCHERR_BAD_DESCR 17 -#define SLAP_SCHERR_OIDM 18 -#define SLAP_SCHERR_LAST SLAP_SCHERR_OIDM +#define SLAP_SCHERR_OUTOFMEM 1 +#define SLAP_SCHERR_CLASS_NOT_FOUND 2 +#define SLAP_SCHERR_CLASS_BAD_USAGE 3 +#define SLAP_SCHERR_CLASS_BAD_SUP 4 +#define SLAP_SCHERR_CLASS_DUP 5 +#define SLAP_SCHERR_ATTR_NOT_FOUND 6 +#define SLAP_SCHERR_ATTR_BAD_USAGE 7 +#define SLAP_SCHERR_ATTR_BAD_SUP 8 +#define SLAP_SCHERR_ATTR_INCOMPLETE 9 +#define SLAP_SCHERR_ATTR_DUP 10 +#define SLAP_SCHERR_MR_NOT_FOUND 11 +#define SLAP_SCHERR_MR_INCOMPLETE 12 +#define SLAP_SCHERR_MR_DUP 13 +#define SLAP_SCHERR_SYN_NOT_FOUND 14 +#define SLAP_SCHERR_SYN_DUP 15 +#define SLAP_SCHERR_NO_NAME 16 +#define SLAP_SCHERR_NOT_SUPPORTED 17 +#define SLAP_SCHERR_BAD_DESCR 18 +#define SLAP_SCHERR_OIDM 19 +#define SLAP_SCHERR_LAST SLAP_SCHERR_OIDM typedef union slap_sockaddr { struct sockaddr sa_addr; @@ -249,6 +250,10 @@ typedef union slap_sockaddr { #endif } Sockaddr; +#ifdef LDAP_PF_INET6 +extern int slap_inet4or6; +#endif + typedef struct slap_oid_macro { struct berval som_oid; char **som_names; @@ -433,8 +438,10 @@ typedef struct slap_attribute_type { AttributeTypeSchemaCheckFN *sat_check; -#define SLAP_AT_NONE 0x0000U -#define SLAP_AT_HIDE 0x0001U /* hide attribute */ +#define SLAP_AT_NONE 0x0000U +#define SLAP_AT_ABSTRACT 0x0100U /* cannot be instantiated */ +#define SLAP_AT_FINAL 0x0200U /* cannot be subtyped */ +#define SLAP_AT_HIDE 0x8000U /* hide attribute */ slap_mask_t sat_flags; struct slap_attribute_type *sat_next; @@ -591,6 +598,7 @@ struct slap_internal_schema { AttributeDescription *si_ad_supportedLDAPVersion; AttributeDescription *si_ad_supportedSASLMechanisms; AttributeDescription *si_ad_supportedFeatures; + AttributeDescription *si_ad_monitorContext; AttributeDescription *si_ad_vendorName; AttributeDescription *si_ad_vendorVersion; @@ -615,6 +623,8 @@ struct slap_internal_schema { /* Access Control Internals */ AttributeDescription *si_ad_entry; AttributeDescription *si_ad_children; + AttributeDescription *si_ad_saslAuthzTo; + AttributeDescription *si_ad_saslAuthzFrom; #ifdef SLAPD_ACI_ENABLED AttributeDescription *si_ad_aci; #endif @@ -1166,7 +1176,9 @@ struct slap_backend_db { #define SLAP_DISALLOW_BIND_ANON 0x0001U /* no anonymous */ #define SLAP_DISALLOW_BIND_SIMPLE 0x0002U /* simple authentication */ -#define SLAP_DISALLOW_BIND_KRBV4 0x0004U /* Kerberos V4 authentication */ +#define SLAP_DISALLOW_BIND_SIMPLE_UNPROTECTED \ + 0x0004U /* unprotected simple auth */ +#define SLAP_DISALLOW_BIND_KRBV4 0x0008U /* Kerberos V4 authentication */ #define SLAP_DISALLOW_TLS_2_ANON 0x0010U /* StartTLS -> Anonymous */ #define SLAP_DISALLOW_TLS_AUTHC 0x0020U /* TLS while authenticated */ @@ -1546,7 +1558,7 @@ typedef struct slap_conn { /* only can be changed by binding thread */ int c_sasl_bind_in_progress; /* multi-op bind in progress */ struct berval c_sasl_bind_mech; /* mech in progress */ - struct berval c_cdn; + struct berval c_sasl_dn; /* temporary storage */ /* authorization backend */ Backend *c_authz_backend; @@ -1601,26 +1613,6 @@ typedef struct slap_conn { #define Statslog( level, fmt, connid, opid, arg1, arg2, arg3 ) #endif - -#define SASLREGEX_REPLACE 10 -#define SASL_AUTHZ_SOURCE_ATTR "saslAuthzTo" -#define SASL_AUTHZ_DEST_ATTR "saslAuthzFrom" - -typedef struct sasl_uri { - struct berval dn; - struct berval filter; - int scope; -} SaslUri_t; - -typedef struct sasl_regexp { - char *sr_match; /* regexp match pattern */ - SaslUri_t sr_replace; /* regexp replace pattern */ - regex_t sr_workspace; /* workspace for regexp engine */ - regmatch_t sr_strings[SASLREGEX_REPLACE]; /* strings matching $1,$2 ... */ - int sr_dn_offset[SASLREGEX_REPLACE+2]; /* offsets of $1,$2... in *replace */ - int sr_fi_offset[SASLREGEX_REPLACE+2]; /* offsets of $1,$2... in *replace */ -} SaslRegexp_t; - /* * listener; need to access it from monitor backend */